Microsoft ES4625 Benutzerhandbuch
Authentication Commands
4-79
4
Command Usage
• If you enable port security, the switch stops learning new MAC addresses on
the specified port when it has reached a configured maximum number. Only
incoming traffic with source addresses already stored in the dynamic or static
address table will be accepted.
incoming traffic with source addresses already stored in the dynamic or static
address table will be accepted.
• First use the port security max-mac-count command to set the number of
addresses, and then use the port security command to enable security on
the port.
the port.
• Use the no port security max-mac-count command to disable port security
and reset the maximum number of addresses to the default.
• You can also manually add secure addresses with the mac-address-table
static command.
• A secure port has the following restrictions:
- Cannot use port monitoring.
- Cannot be a multi-VLAN port.
- Cannot be connected to a network interconnection device.
- Cannot be a trunk port.
- Cannot be a multi-VLAN port.
- Cannot be connected to a network interconnection device.
- Cannot be a trunk port.
• If a port is disabled due to a security violation, it must be manually re-enabled
using the no shutdown command.
Example
The following example enables port security for port 5, and sets the response to a
security violation to issue a trap message:
The following example enables port security for port 5, and sets the response to a
security violation to issue a trap message:
Related Commands
Console(config)#interface ethernet 1/5
Console(config-if)#port security action trap
Console(config-if)#port security action trap